Cisco Cisco Web Security Appliance S170 Guía Del Usuario
C H A P T E R
13-1
Cisco IronPort AsyncOS 7.7 for Web User Guide
13
Data Security and External DLP Policies
•
•
•
•
•
•
•
•
Data Security and External DLP Policies Overview
In the Information Age, your organization’s data is one of its most prized possessions. Your organization
spends a lot of money making data available to your employees, customers, and partners. Data is always
on the move by traveling over the web and email. This increased access poses challenges for information
security professionals to figure out how to prevent the malicious, accidental, or unintentional loss of
sensitive and proprietary information.
spends a lot of money making data available to your employees, customers, and partners. Data is always
on the move by traveling over the web and email. This increased access poses challenges for information
security professionals to figure out how to prevent the malicious, accidental, or unintentional loss of
sensitive and proprietary information.
The Web Security appliance secures your data by providing the following capabilities:
•
Cisco IronPort Data Security Filters. The Cisco IronPort Data Security Filters on the Web
Security appliance evaluate data leaving the network over HTTP, HTTPS, and FTP to control what
data goes where and how and by whom.
Security appliance evaluate data leaving the network over HTTP, HTTPS, and FTP to control what
data goes where and how and by whom.
•
Third party data loss prevention (DLP) integration. The Web Security appliance integrates with
leading third party content-aware DLP systems that identify and protect sensitive data. The Web
Proxy uses the Internet Content Adaptation Protocol (ICAP) which is a lightweight HTTP based
protocol that allows proxy servers to offload content scanning to external systems. By offloading the
content scanning to dedicated external systems, the Web Proxy can take advantage of the deep
content scanning in other products while being free to perform other Web Proxy functions with
minimal performance impact.
leading third party content-aware DLP systems that identify and protect sensitive data. The Web
Proxy uses the Internet Content Adaptation Protocol (ICAP) which is a lightweight HTTP based
protocol that allows proxy servers to offload content scanning to external systems. By offloading the
content scanning to dedicated external systems, the Web Proxy can take advantage of the deep
content scanning in other products while being free to perform other Web Proxy functions with
minimal performance impact.
By working with the Cisco IronPort Data Security Filters and external DLP systems, the Web Security
appliance allows you to protect information and intellectual property and enforce regulatory and
organization compliance by preventing users from unintentionally uploading sensitive data. You define
what kind of data is allowed to leave the network.
appliance allows you to protect information and intellectual property and enforce regulatory and
organization compliance by preventing users from unintentionally uploading sensitive data. You define
what kind of data is allowed to leave the network.
To restrict data that is leaving the network, the Web Security appliance provides the following types of
policy groups:
policy groups: